<%@ page language="java" contentType="text/html; charset=UTF-8"
    pageEncoding="UTF-8"%>
<%@taglib prefix="security" uri="http://www.springframework.org/security/tags" %>
<html>
<body>
	<h2>欢迎<security:authentication property="principal.username"/></h2>
	<form action="/logout" method="post"><input type="submit" value="退出"><input type="hidden" name="${_csrf.parameterName }" value="${_csrf.token }"></form>
	<security:authorize access="hasRole('ROLE_ADMIN')">
		只有管理员才能看到我
	</security:authorize>
</body>
</html>
